Text Exploits
31,364 exploits tracked across all sources.
Windows - Privilege Escalation
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability".
by Google Security Research
CVSS 7.0
GPS Tracking Software <3.0 - Code Injection
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a login request.
by Noman Riffat
CVSS 9.8
Gespage < 7.4.9 - SQL Injection
Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
by Sysdream
CVSS 9.8
Oturia Smart Google Code Inserter < 3.5 - Authentication Bypass
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code.
by Benjamin Lim
CVSS 9.8
Oturia Smart Google Code Inserter < 3.5 - SQL Injection
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query.
by Benjamin Lim
CVSS 9.8
Opentext Document Sciences Xpression < 4.5 - SQL Injection
xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.
by Pawel Gocyla
CVSS 7.5
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
by GulfTech Security
PHP Melody <2.7.1 - SQL Injection
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
by Ahmad Mahfouz
CVSS 9.8
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrieve sensitive information and access functionalities without proper access controls.
by LiquidWorm
CVSS 9.8
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
by LiquidWorm
Silverstripe < 3.5.5 - Injection
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (including Microsoft Excel). For example, the CSV data may contain untrusted user input from the "First Name" field of a user's /myprofile page.
by Ishaq Mohammed
CVSS 5.5
UI Unifi Video < 3.8.0 - Incorrect Default Permissions
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
by Julien Ahrens
CVSS 7.8
Jextn Faq Pro - SQL Injection
The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.
by Ihsan Sencan
CVSS 9.8
Biometric Shift EMS 3.0 - Auth Bypass
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.
by Ihsan Sencan
CVSS 7.5
Vitek - Remote Command Execution / Information Disclosure (PoC)
by bashis
Zuuse Beims Contractorweb .net - SQL Injection
CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.
by Rajwinder Singh
CVSS 9.8
Conarc Ichannel - Denial of Service
Conarc iChannel allows remote attackers to obtain sensitive information, modify the configuration, or cause a denial of service (by deleting the configuration) via a wc.dll?wwMaint~EditConfig request (which reaches an older version of a West Wind Web Connection HTTP service).
by Information Paradox
CVSS 9.8
BrightSign Digital Signage <4k242 - Path Traversal
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
by Information Paradox
CVSS 7.5
Brightsign 4k242 Firmware < 6.2.63 - XSS
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
by Information Paradox
CVSS 6.1
Intel Graphics Driver - Privilege Escalation
Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.
by Google Security Research
CVSS 7.8
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
by Ihsan Sencan
Brightsign 4k242 Firmware < 6.2.63 - Path Traversal
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.
by Information Paradox
CVSS 9.8
By Source